Emergency Change Freeze Request
Luke Macken
lmacken at redhat.com
Tue Oct 20 14:23:54 UTC 2009
On Mon, Oct 19, 2009 at 11:59:11PM -0500, Dennis Gilmore wrote:
> On Monday 19 October 2009 09:55:50 pm Luke Macken wrote:
> > On Mon, Oct 19, 2009 at 08:06:08PM -0500, Dennis Gilmore wrote:
> > > We notcied that there was no apache logging on cvs1. this is because the
> > > selinux policy was preventing apache from writing log files. For now i
> > > have set selinux to permissive mode until we can fix the policy
> > > correctly.
> >
> > What were the specific SELinux denials?
> >
> > I don't see any AVCs on cvs1, nor have I seen any since we flipped it to
> > enforcing mode.
> >
> > How did you come to this conclusion?
>
> the bunch of httpd messages i got while tailing /var/log/audit/audit.log
> however looking at it now it doesnt seem related to logging. doing a graceful
> of httpd after setting enforcing to permissive enabled logs to work again.
If those messages don't say '{ denied }', then it's probably fine...
luke
More information about the Fedora-infrastructure-list
mailing list